Why backup in M365 is a necessity and what to do to protect corporate data
That cyber-attacks are on the rise is a bare fact. We read about them on the net, we hear about them on the radio, we watch them on television. But that does not mean that they are beyond us. No one is protected from attack by cyber criminals. In 2021, Europe saw a 68% increase in cyber attacks compared to 2020 (source: Check Point research). There is only one thing that will help against the loss of corporate and personal data – being well prepared.
Let’s start with the number 777. That’s the average number of cyber attacks per week on organisations in the EMEA region covering Europe, the Middle East and Africa, according to Check Point Cyber Attack trends. This region is also unflatteringly leading the trend in their increase, and the volumes of leaked data are also increasing in direct proportion. Last year, this amounted to 260 terabytes, representing more than 1.8 billion documents, files and emails (source: Tenable’s 2021 threat landscape retrospective).
A sophisticated attack? No. Just vulnerability disclosure
Behind the number 777 we don’t have to imagine the world’s most sophisticated and best hackers. They are moderately skilled, less motivated individuals, organized groups, or software that tries to simplify things. They don’t put much effort into the attack, but exploit vulnerabilities that already exist. “This is a weakness of an information asset, literally a weakness of an information system,” explains Igor Chudáčik, IT product manager at GAMO. “It is understood as a problematic or more easily attacked point of the system or an overcoming point of security measures, or as an inappropriate way of implementing the system or its protection.” To illustrate, vulnerabilities have increased by up to 241% compared to 2016.
What is more alarming is that most vulnerabilities are easy to find an exploit for, a way to break into the system. Moreover, these are publicly available with full code and explanations for download, modification and execution. The more vulnerabilities there are, the more likely an attacker is to penetrate the system.
Ransomware as a service
They offer it to cyber-attack-oriented companies to other cyber criminals who want to collaborate on ransomware attacks. It is ready to deploy along with manuals on how to execute it. Simply put, one can buy on the dark net the entire manual on how to execute a ransomware attack towards a specific company. The two parties then agree on the amount, or a share of the ransom, that the victim will pay.
Prime Threat
Of the attacks that contained malware, up to 38% were ransomware attacks. It has been declared the biggest threat of 2020 and 2021 by several international organisations.
It was one of the most widely used attacks at the time of the pandemic, with up to 1,200 organisations falling victim to this type of attack every week.
But the good news is that having vulnerability management in place means that we know about them and can fix them. Organizations using risk-based vulnerability management experience 80% fewer breaches (source: Forcepoint – Cybersecurity, compliance and protecting critical data, 2021).
Vulnerability testing is a commonly available service offered by various IT companies. For system protection, vulnerability management is the absolute alpha and omega of information system security.
In the past 18 months, up to 80% of organisations have experienced a data breach – lost data. And up to 43% of these companies reported 10 or more such incidents! This means that they took no steps to better secure their systems after the first leak.
We are a small company, nobody cares
The old familiar and repetitive ‘It can’t happen to us’ is definitely not the case. Cyber criminals do not ‘discriminate’. Small and medium-sized businesses are even more interesting to them than large corporations with sophisticated security solutions. Conversely, the large number of small companies with small cybersecurity budgets and a lack of skilled personnel makes them very attractive for a cyber attack.
Backup in M365
So, do you already believe that data backup is extremely important? The most used SaaS solution on the market is Microsoft 365. It has changed the system and business productivity from the ground up. Many businesses are literally dependent on it. We share calendars, files, mailboxes and work together on projects anytime, anywhere. BUT! Sharing is every hacker’s dream!
Given how important files are to us, securing and protecting data is imperative to maintaining productivity and business continuity. In Microsoft 365, data is well taken care of. Its responsibility is to maintain the global infrastructure, ensure the availability of services and data, and last but not least, take care of it in the datacenters. For example, if a Slovak company stores data within the European Union, Microsoft stores the data in yet another datacentre to ensure high protection and availability in case of loss, but also in case of natural disasters.
But where can the problem arise?
Let us first explain the shared responsibility model. If we are talking about an on-premise solution, which means that the data is stored inside the company, the responsibility for everything lies with the company and the company alone. From the data, to the devices, to the hardware, to the identities that access it. If we are talking about a SaaS solution, the responsibility is partly with the company and partly with Microsoft. In this case, the company ensures that the system has the correct data, accounts and under what conditions these accounts access the applications.
Conducting a successful attack on a Microsoft datacenter, whose security represents the best of the cybersecurity world, is so difficult and so unlikely that it can be ruled out outright. This means that data loss in a hacker attack or any physical failure is unlikely. It is much more likely that a company will lose data because of the weakest link of technical maturity, which is humans. In fact, as much as 64% of lost data was due to human error, a failure of the human factor (source: Aberdeen Group Analyst Insight – SaaS Data Loss).
How can this happen? Simple. A single click on a link or malware file is all it takes to get a single employee’s login credentials to give an attacker access to corporate data. According to surveys, this happens very often. Up to one in five employees will click on a phishing link despite security training, and up to 67.5% of people will enter their login credentials on a phishing site.
Microsoft thinks about inadvertent data deletion and therefore offers options and tools to recover it for 30 to 93 days. However, did you know that the average time to detect an attack is up to 200 days? Keep this in mind when creating a retention policy.
The frightening figures show that with the number of attacks on the rise, it is increasingly appropriate to consider higher data protection in company policy. Information systems need really good protection to be able to withstand them. But at the same time, the company also needs solutions that minimise the consequences of human failure. The 3 GAMO M365 BACKUP solutions can help with these challenges.
It is a managed service providing assurance that a copy of your data is backed up safe from any threat, whether it be inadvertent data deletion, external cyber threats or internal threats during personnel changes. The service also provides the security of a retention policy set according to legislative or company requirements.
